The fact that Azure has been certified according to 70+ different standards makes little to no difference if you as a customer have no idea how to configure your environment to be compliant. If you need help there are blueprints available.
With the new functionality now in preview you can easily see if your Azure deployment is in line with the certification you’re striving for.
The overview page shows you directly how your deployment aligns with various standards. In my case I’m passing 11 out of 16 checks for PCI DSS 3.2. If I needed to process credit card data I’d be dead in the water, but now I can quickly see, for example, what I’ve missed.
Looking closer at our current security posture, I’ve drilled down a bit further, in this case selecting “Azure CIS” as the regulation I’d like to compare against. We can see a number of red areas where we obviously aren’t compliant. At this point it doesn’t matter whether you work in IT or not: if you see this, you can easily figure out that you’re not compliant.
The last step is to drill down into the areas that are red. This gives us detailed instructions on how to remediate the things we’re failing at. In the picture below we can see that we’ll need to enable disk encryption.
This feature in the Security Center will be improved over time and will (probably) let you filter on the compliance standards you want to see, so that the ones you don’t really care about aren’t checked.
You can find all the documentation on Azure Security Center over at https://docs.microsoft.com/en-us/azure/security-center
How are you using Security Center today? Let me know in the comments!